A blog about bypassing authentication that is enforced only in client-side JavaScript, with four real-world case studies from bug bounty and Synack Red Team engagements.

This post is regarding my findings on Synack Red Team. The findings included a total of 4 SSRFs. One of them being a fully unauthenticated SSRF leading to high privileged account takeover.